CISO MAG | May 2018 1 Volume 2 | Issue 4 | May 2018
Oct 05, 2020
INDEX
COVER STORY
GDPR and the Leadership Overload
How, why, and when to hire that interim CISO.
Chris Roberts, Chief Security Architect, Acalvio Technologies
BUZZ: It’s Time for GDPR
TABLE TALK: Justin Dolly, EVP, Chief Security Officer & CIO, Malwarebytes
COVER STORY: GDPR and the Leadership Overload
UNDER THE SPOTLIGHT: Juan Carlos Lopez Ruggiero, CSO Healthcare EMEA, DXC Technology
INSIGHT: GDPR: An Opportunity in Disguise
COLLABORATIONS: Infosec Partnerships
IN THE NEWS: Top Stories from the Cybersecurity World
IN THE HOTSEAT: High-Profile Appointments in the Cybersecurity World
KICKSTARTERS: Startups Making Waves in the Cybersecurity World
Editorial
International Editor: Amber Pedroncelli
Senior Editor: Rahul Arora
Senior Feature Writer: Augustin Kurian

Media and Design
Media Director: Saba [email protected]
Design Head and Visualizer: MSH Rabbani
Designer: Jeevana Rao Jinaga

Management
Executive Director: Apoorba Kumar*
Senior Director, Compliance & Governance: Cherylann [email protected]

Marketing & Sales
General Manager: Meghana Vyas
Marketing Manager: Pooja Saga
Sales Manager - India: Basant Das
Sales Manager - North America: Jessica Johnson

Technology
Director of Technology: Raj Kumar [email protected]
If you work in information security and are not living under a rock, you know that the General Data Protection Regulation (GDPR) goes into force in the European Union on May 25, 2018.
Four years in the making, this initiative endeavors to harmonize data protection legislation across the European Economic Area (EEA) and give individuals better control over their personal data.
With the GDPR upon us, the stakes are higher than ever. Organizations can ill afford to procrastinate on GDPR compliance. Our cover story written by Chris Roberts discusses how, when, and why you should hire that interim CISO, who can safeguard the business and manage risk during GDPR transition.
Our Insight section interprets how GDPR can be a great opportunity for information technology businesses in India, as they look to enhance their security posture. In our Buzz section, we discuss how well different economies are prepared for GDPR, the stakes for C-level executives, and the global impacts we can expect from the regulation.
We also interview Juan Carlos Lopez Ruggiero, an advisor on GDPR, who busts a few myths regarding the GDPR and discusses its implications on the European economy. There are a host of other informative features that look at cybersecurity from an all-encompassing perspective.
Tell us what you think of this issue. If you have any suggestions, comments, or queries, please reach us at [email protected].
Jay Bavisi, Editor-in-Chief
* Responsible for selection of news under PRB Act. Printed & Published by Apoorba Kumar, E-Commerce Consultants Pvt. Ltd., Editor: Rahul Arora. The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher. Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers in writing.
BUZZ
CISO MAG Staff
Simply put, standard “terms and conditions” phraseology or having users accept data access requests is no longer sufficient. Companies now need to fully inform their users about how the information those users share with them will be used. Failure to meet the GDPR guidelines comes with stiff penalties that apply to international organizations whether they are the data controllers or data processors.
“It’s not enough to just connect people. We have to make sure that those connections are positive. It’s not enough to just give people a voice. We need to make sure that people aren’t using it to harm other people or to spread misinformation. And it’s not enough to just give people control over their information. We need to make sure that the developers they share it with protect their information, too,” said the man who created a platform that started revolutions in countries; helped people find their missing loved ones; transformed vacations, achievements, and celebrations into memorable collages; let people share their opinions; and finally, most recently, let some organization use this kaleidoscope of personal data for manipulation. Mark Zuckerberg has admitted his grave error, but the harm is already done.
While the United States is debating the issue of data privacy, the EU’s GDPR will go into effect on May 25, 2018. The General Data Protection Regulation is intended to strengthen European (and British) citizens’ control over the privacy of their online data while adding to the accountability of all businesses, especially online.
Replacing the 1995 EU Data Protection Directive and the UK’s Data Protection Act 1998, the GDPR is expected to reinforce the rights of citizens over their personal data in terms of accessing the information being shared or filing complaints over data abuse. The entire premise of the law is to ensure that any data collected is utilized only for the purpose disclosed to its users at the time of collection.
International undertones of GDPR
According to a survey by PwC that included 300 C-suite executives from US, UK, and Japanese companies with subsidiaries in Europe, the US led the preparation poll, with 22 percent of companies claiming to have finished their GDPR set-up. In contrast, only eight percent of the companies surveyed in the UK self-reported that they were up to snuff. Japan was at only two percent, although they plan to draw level in the coming days with significant investment of funds.
With the GDPR deadline looming, expenditures on GDPR preparation are also on the rise. More than 85 percent of companies report spending more than $1 million, while 40 percent have spent nearly $10 million.
In an interview with CISO MAG, Ardi Kolah, Executive Fellow and Director of the GDPR Transition Programme at Henley Business School, explains the implications of GDPR on international organizations operating within